Third-Party Cookies Without Consent

critical

technical· Art. 13, 14 GDPR

Actions

146

Total Fines

€630.7M

Median Fine

€104K

Countries

What is Third-Party Cookies Without Consent?

Third-party tracking cookies or scripts are loaded without obtaining prior user consent. European data protection authorities have issued 146 enforcement actions for third-party cookies without consent violations, imposing a combined €630,679,114 in penalties. The median fine is €104K, indicating that regulators view this violation as warranting substantial financial deterrence. The largest recorded penalty for this violation type was a €325,000,000 fine against Google LLC in France. The most active enforcers of this violation type are Germany, Italy, Austria.

Largest Fines for Third-Party Cookies Without Consent

Fine

€325.0M fine in France (2025)

Sept 2025🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

€325.0M

Fine

INFINITE STYLES SERVICES CO. LIMITED (France) - €150.0M

Sept 2025🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

€150.0M

Fine

€60.0M fine in France (2022)

Dec 2022🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

€60.0M

Fine

€40.0M fine in France (2023)

Jun 2023🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

€40.0M

Fine

€12.3M fine in Italy (2020)

Nov 2020🇮🇹 ItalyGarante per la protezione dei dati personali

€12.3M

Recent Enforcement

Complaint Upheld

Microsoft Corporation (Austria)

Jan 2026🇦🇹 AustriaDatenschutzbehörde

No fine

Court Ruling

court ruling in Germany (2026)

Jan 2026🇩🇪 GermanyDPA LGWrzburg

No fine

Court Ruling

Court case 6 U 81/23 (Germany)

Dec 2025🇩🇪 GermanyDPA LGFrankfurt

No fine

Fine

€123K fine in United Kingdom (2025)

Dec 2025🇬🇧 United KingdomInformation Commissioner's Office

€123K

Fine

€40K fine in Belgium (2025)

Nov 2025🇧🇪 BelgiumAutorité de Protection des Données

€40K

Enforcement by Country

Country	Actions	Total Fines
🇩🇪 Germany	30	€0
🇮🇹 Italy	28	€38.9M
🇦🇹 Austria	12	€0
🇪🇸 Spain	12	€119K
🇫🇷 France	12	€581.1M
🇧🇪 Belgium	9	€140K
🇸🇪 Sweden	8	€7.5M
🇳🇱 Netherlands	8	€50K
🇬🇧 United Kingdom	7	€486K
🇳🇴 Norway	5	€2.2M
🇨🇾 Cyprus	2	€6K
🇩🇰 Denmark	2	€0
🇵🇱 Poland	2	€0
🇫🇮 Finland	2	€0
🇷🇴 Romania	1	€2K
🇮🇪 Ireland	1	€0
🇨🇿 Czech Republic	1	€4K
🇵🇹 Portugal	1	€107K
🇪🇺 European Union	1	€0
🇱🇺 Luxembourg	1	€0
🇱🇻 Latvia	1	€0

Frequently Asked Questions

What is a third-party cookies without consent violation?

A third-party cookies without consent violation occurs when a website's cookie consent implementation fails to meet GDPR or ePrivacy requirements. European DPAs have issued 146 enforcement actions for this violation, with fines totaling €630.7M.

What is the typical fine for third-party cookies without consent?

The median fine for third-party cookies without consent violations is €104K, though amounts vary significantly based on the severity and scale of the violation.

Which countries enforce third-party cookies without consent violations most?

The most active countries in enforcing third-party cookies without consent violations are Germany, Italy, Austria.

Explore More

All Violation Types

Browse all enforcement categories

Enforcement by Country

Browse enforcement across Europe

GDPR Articles

Explore cited GDPR provisions